By submitting this form, you consent to receive emails from FRDM. You may unsubscribe from these communications at any time. For information on how to unsubscribe, as well as our privacy practices and commitment to protecting your privacy, please review our Privacy Policy.
Thank you! Your submission has been received!
Download PDF
Oops! Something went wrong while submitting the form.
Stay up-to-date with the latest news on supply chain regulations.
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

Cyber policies module

Download Cyber Policies Module Guide
Monitoring cyber risk of suppliers is of paramount importance in today's interconnected and digital business landscape. Suppliers often have access to sensitive information, critical data, and interconnected systems within the company's supply chain, making them potential entry points for cyber threats.
By evaluating the cyber policies and practices of suppliers, companies can gauge their cybersecurity maturity, identify potential vulnerabilities, and assess the risk they may pose to the company's data and operations. FRDM’s Cyber Module predicts and measures risk across suppliers and sub-suppliers in your organization.

According to a study by the Ponemon Institute, 59% of companies experienced a data breach caused by a third-party vendor or supplier in 2021. This statistic highlights the significant risk that cyber breaches in suppliers pose to companies and underscores the importance of assessing and managing cyber risks throughout the supply chain. Companies need to be vigilant in evaluating the cybersecurity practices of their suppliers to protect their sensitive data and maintain the integrity of their operations. Understanding the cybersecurity posture of suppliers allows companies to take proactive measures to strengthen their overall cyber resilience. Collaborating with suppliers to align cybersecurity standards, sharing best practices, and implementing necessary improvements can help create a robust and secure supply chain ecosystem.
Facts
42%
Growth of cyber threats in supply chains over the past year.
(Accenture Cyber Threat Intelligence Report, 2021)
40%
The percentage of companies experiencing a cybersecurity breach through a third-party vendor
(Deloitte, 2020)
287 days
Companies experienced an average downtime of 287 days following a supply chain data breach, resulting in substantial financial and reputational losses. (The IBM Cost of a Data Breach Report, 2021)
(The IBM Cost of a Data Breach Report, 2021)
68%
Percentage of assesed suppliers with inadequate cybersecurity practices, posing significant risks to their customers' supply chains.
(BitSight, 2021)
Primary Challenges Facing Companies.
Lack of Supply Chain Visibility:
Many companies have limited visibility into the cybersecurity practices of their suppliers.Third-Party Dependencies: Companies often depend on numerous suppliers and third-party vendors, increasing the risk of cyber breaches through the supply chain.
Cybersecurity Maturity Variability
Suppliers may have varying levels of cybersecurity maturity, with some
lacking adequate security measures.
Regulatory Compliance and Legal Concerns:
Companies may face legal and regulatory repercussions if a cyber breach occurs through their supply chain, especially if personal or sensitive data is compromised.
Difficulty in Enforcing Cybersecurity Standards:
Companies may struggle to enforce cybersecurity standards and best practices among their suppliers.
Insider Threats:
Cybersecurity incidents can also be caused by insider threats, where malicious or negligent actions from employees or contractors within the supply chain lead to data breaches.
Emerging Threats and Sophisticated Attacks:
Cyber attackers constantly evolve their tactics, making it challenging for companies and their suppliers to keep up with emerging threats and protect against sophisticated attacks.
Resource Constraints:
Many suppliers, especially smaller ones, may lack the resources or expertise to implement robust cybersecurity measures, leaving them vulnerable to cyber breaches.
Supply Chain Complexity:
Global supply chains can be complex, with multiple tiers of suppliers and cross-border operations.
Lack of Incident Response Preparedness:
Companies may not have adequate incident response plans in place to handle cyber breaches that occur through their supply chain.
How It Works
Each supplier gets a score based on FRDM’s supplier diversity risk algorithm along with any assessment information the supplier chooses to provide.
The supplier diversity risk algorithm consists of multiple indicators such as the DEI Country Index and the US Bureau Of Labor Statistics. Each supplier loaded into FRDM gets risk scored for the industry(s) it works in, country(s) it operates in, products or services it provides, and trading partners it does business with (requires Trading Partners Module). In addition FRDM screens for any adverse media involving your supplier related to supplier diversity risk keywords.
Suppliers can be invited  to link to your dashboard via their own SUPPLIER LINK DASHBOARD which allows them to provide relevant certifications, policy assessments, and additional information about diversity practices.

Supplier’s scores change accordingly based on the maturity of their certifications, policies, and additional information. FRDM aggregates all supplier scores into an impact page where you can track progress over time as well as generate reports for external use.
How It Works
FRDM risk ranks each supplier across five spectrums (weak to strong) in regards to cyber risk based on industry, geo, adverse media/reports, and cyber policy evaluation.
FRDM uses only your basic available vendor data (supplier name, industry, location, spend, and purchase) so you don’t have to overburden your team and suppliers with difficult data requests. FRDM runs constant adverse media checks for any mentions of cyber issues or reports against supplier names. Suppliers are offered a free portal called SUPPLIER LINK providing the supplier with resources and assessments to determine cyber policy maturity.  Any cyber certifications can be collected  through the Supplier Link portal, and nested in the buyer's dashboard.
Benefits
Autonomous analysis of entire supply chain
Automated supplier engagement
Roll up of any cyber breaches in tier one suppliers
100% cloud based - no spreadsheets, emails, or consulting fees needed
Simple performance tracking and training
Intuitive reporting tools
Ready to Buy Better?
Contact us

Are you located in Europe?

noyes
Stay up-to-date with the latest news on supply chain regulations.
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Product
SolutionsWhy FRDMFRDM for procurementFRDM for complianceFRDM for executives
RESOURCES
PodcastSupportHow It WorksBlogOshkosh Case StudyAustralia Modern Slavery ActCanada Modern Slavery ActCorporate Sustainability Due Diligence DirectiveFrench Duty Of Vigilance ActGerman Supply Act (LKSG)UFLPAUK Modern Slavery ActCTPATFAQs
company
About usPressContact usPrivacy PolicyTerms & Conditions